The cybersecurity community during the COVID-19 emergency
China, Russia Take Advantage of Virus Emergency, U.S. Defense Secretary Says (New York Times) Russia and China are taking advantage of the coronavirus emergency to put their interests forward in Europe, U.S. Defense Secretary Mark Esper said on Monday, describing Chinese efforts to promote Huawei mobile phone network equipment as malign.
Advisory: APT groups target healthcare and essential services (NCSC) Joint UK and US advisory highlights ongoing activity by APT groups against organisations involved in the international coronavirus response.
APT Groups Target Healthcare and Essential Services (CISA) This is a joint alert from the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC).
U.K. Cybersecurity Chief Pivots to New Coronavirus Threats (Wall Street Journal) For the 45-year-old chief of the U.K. National Cyber Security Centre, protecting hospitals and other critical infrastructure central to the virus response from cyberattacks is a priority.
U.K. Steps Up Cyber Defense of Institutions Involved in Coronavirus Research (Wall Street Journal) British cybersecurity officials have stepped up efforts to protect virus-related work at over a dozen universities that they have identified as critical players in responding to the coronavirus pandemic, according to government security officials
WHO says has no proof from US on 'speculative' Wuhan lab claims (AFP) The World Health Organization said Monday that Washington had provided no evidence to support "speculative" claims by the US president that the new coronavirus originated in a Chinese lab.
Key U.S. Allies Skeptical of Trump’s Coronavirus Lab Leak Claims (Foreign Policy) Five Eyes members and intelligence analysts push back against attempts to pin the virus on Chinese biosafety mistakes.
US allies tread lightly around Trump virus lab claims (BBC News) Officials are wary of speaking openly to avoid offending both US and Chinese sensibilities.
Fauci: No scientific evidence the coronavirus was made in a Chinese lab (National Geographic) In an exclusive interview, the face of America’s COVID-19 response cautions against the rush for states to reopen, and offers his tips for handling the pandemic's information deluge.
Matt Hancock launches contact tracing app pilot on Isle of Wight to 'get country back on its feet' (The Telegraph) The Isle of Wight will lead the UK in trialling a new app designed to help authorities keep on top of coronavirus cases, ahead of starting to lift the lockdown.
NHS tracking app trials get underway as Indian app security glitch reported (SC Magazine) Trials have begun this week on the Isle of Wight for a Coronavirus tracing app, and while security and privacy are a key component, news of a glitch in an Indian app means the issue remains under scrutiny.
NHS contact tracing app: How does it work and when can you download it? (The Telegraph) The NHS contact tracing app could help lift the lockdown measures
UK finds itself almost alone with centralized virus contact-tracing app that probably won't work well, asks for your location, may be illegal (Register) Herd immunity all over again
UK COVID-19 contact-tracing app data may be kept for 'research' after crisis ends, MPs told (Register) Want to opt out of that part? No chance, says NHSX chief
NHSX contact-tracing app needs legislative oversight (ComputerWeekly.com) Legal experts have told Parliament’s Human Rights Committee that legislation is desirable to ensure public trust in the data security of the Covid-19 coronavirus contact-tracing app.
No silver bullets and ‘bumps in the road’ likely but UK contact-tracing app development gathers pace (ComputerWeekly.com) UK scientific experts address doubts on contact-tracing app’s effectiveness, particularly regarding data privacy, but admit that its nature may have to evolve as the roll-out scales up.
Fitbit plans to turn fitness bands into symptom trackers to fight coronavirus (The Telegraph) Fitbit held discussions with the White House to discuss how its devices and user data could help monitor public health
Analysis | The Cybersecurity 202: Coronavirus tracking apps spark security concerns (Washington Post) Data collected by the contact tracing and symptom-checking apps could be a treasure trove for hackers.
Road Map For a Cautious Approach to Contact Tracing (Cooley) Law360 “It has become increasingly clear that a combination of COVID-19 testing and use of geolocation technologies for contact tracing will be essential for the nation to get back to life an…
Apple, Google ban use of location tracking in contact tracing apps (Reuters) Apple Inc and Alphabet Inc's Google on Monday said they would ban the use of location tracking in apps that use a new contact tracing system the two are building to help slow the spread of the novel coronavirus.
The Security and Privacy Implications of COVID-19 Location Data Apps (FireEye) Researchers around the world are rushing to create vaccines and medicines that can stop the COVID-19 pandemic or at least halt its spread. In the midst of these efforts, there has been plenty of evidence that technology has a useful role to play in mitigating the crisis and making a valuable contribution in this global battle.
A fake coronavirus tracking app is actually ransomware that threatens to leak social media accounts and delete a phone's storage unless a victim pays $100 in bitcoin (Business Insider) If victims don't pay the ransom within 48 hours, the hackers say they'll leak social media accounts and delete all the phone's data.
Some States Dabble in Online Voting, Weighing Pandemic Against Cybersecurity Concerns (Wall Street Journal) Voting via the internet, if limited, shows how the pandemic is forcing some election officials to weigh protecting public safety along with cybersecurity in ways that seemed far-fetched a few months ago.
Is online voting the answer during a pandemic? Cybersecurity experts say no (Bellingham Herald) The coronavirus pandemic has created a need for a new way to hold elections, and while many states are considering vote-by-mail, some states are experimenting with “internet voting.”
Anti-quarantine protesters are being kicked off Facebook and quickly finding refuge on a site loved by conspiracy theorists (Business Insider) MeWe's commitment to free expression has led it to become a home to users who were kicked off Facebook or Twitter for violating their policies.
Serious security flaws found in Israeli distance learning system (The Jerusalem Post) 'All digital platforms can be used as a battleground for cyber attacks and as use of a platform increases, so too the platform becomes more of a 'quality' target for cyber criminals'
Zoom could have far fewer users than previously reported (SearchUnifiedCommunications) Zoom does not have 300 million daily users. The company acknowledged an error in a previous blog post and clarified that its 'daily participant' metric counts some users more than once.
Hackers hide behind fake Microsoft Teams notification to steal victim credentials (SC Magazine) Credential stealing attack uses Microsoft Teams notification, numerous URL redirects, to conceal from email protection services.
Urgent warning over ‘subsidy benefit’ scam circulating amid COVID crisis (7NEWS.com.au) Thousands of individuals and businesses have applied for financial assistance during the COVID-19 pandemic. Now the ACCC has spoken out.
Coronavirus pandemic coincides with spike in online puppy scams (Naked Security) Got plenty of quaran-time to teach something to roll over? Be careful! Puppy lust is leading to broken hearts and emptied wallets.
Phishers target investment brokers, aim for Office, SharePoint login credentials (Help Net Security) Phishers continue to target investment brokers, trying to get them to share their Microsoft Office or SharePoint login credentials by impersonating FINRA.
Fake Microsoft Teams notification emails are hitting inboxes (Help Net Security) Phishers are using fake Microsoft Teams notification emails to trick users into sharing their Microsoft Teams and Office 365 login credentials.
Why remote working need not mean ‘vulnerable to cyber-attack’ (TahawulTech.com) With the right approach organisations can keep data and infrastructure safe as they adapt to remote working, says Qualys MD for Middle East Hadi Jaafarawi.
Cyber Security: Need of the hour (Express Computer) The world has witnessed a paradigm shift in the way an enterprise works due to COVID-19. With more than 2.5M people getting affected due to coronavirus worldwide, and an onset of lockdowns, a lot of industries are directly impacted. Remote working is increasing as […]
COVID-19 Business Continuity: Return to Work Considerations (Chertoff Group) As the spread of the COVID-19 virus begins to approach more manageable levels for public health systems, governments have begun shifting their focus toward the economic element of the pandemic.
Maintaining resiliency in a newly remote age (SC Media) The rapid, global shift to remote work, along with surges in online learning, gaming, and video streaming, is generating record-level internet traffic and congestion.
Cyber Florida Partners with Florida Cyber Threat Organization to Help Identify COVID-19 Online Risks (Cyber Florida) Tampa, FL. – April 30, 2020: Cyber Florida at the University of South Florida and the nonprofit Florida Information Sharing and Analysis Organization (ISAO) are pleased to announce that they will join forces for the duration of the COVID-19 crisis to provide timely and practical cybersecurity threat advisories for businesses, state and local governments, and […]
TekMonks Offers COMPLIMENTARY Teleworking Office for 90 Days (PR Newswire) TekMonks has announced that we will offer qualified companies in COVID-19 battered countries Teleworkr, the only complete remote workforce...
NetEvents Inter@ctive Launched to Boost Online Services to Tech Sector and Media Partners Across the Globe (PR Newswire) NetEvents announced a new NetEvents Inter@ctive service, enabling its live event formats to go online – including CIO round-tables,...
OTRS Ticket System and Helpdesk Software Solutions (OTRS) Learn about the customizable OTRS Ticket System and Help Desk Software. Improve KPIs. Manage SLAs. Adopt a CMDB. Automate business processes. Try now.
Cyber Attacks, Threats, and Vulnerabilities
GoDaddy Confirms Data Breach: What 19 Million Customers Need To Know (Forbes) The world's largest domain registrar, GoDaddy, has disclosed a data breach impacting web hosting account credentials.
New Kaiji malware targets IoT devices via SSH brute-force attacks (ZDNet) Researchers say the malware was coded by a Chinese developer for the sole purpose of launching DDoS attacks.
Over 400 million malware infections detected in last 30 days, more than 10 million daily (Atlas VPN) Data compiled by Atlas VPN reveals there have been nearly 404 million malware infections during the last 30 days worldwide, which makes over 10 million cases per day. More than 64% of the malicious attacks were targeting educational institutions.
Tales From the Trenches; a Lockbit Ransomware Story (McAfee Blogs) In collaboration with Northwave As we highlighted previously across two blogs, targeted ransomware attacks have increased massively over the past months.
Airplane Hack Exposes Weaknesses of Alert and Avoidance Systems (Threatpost) Researchers warn commercial airplane systems can be spoofed impacting flight safety of nearby aircraft.
‘Ghost’ plane hack could cause mid-air crash (SC Magazine) White hat hacker reveals potential for ‘crying wolf’ exploit of weakness in 1980s tech that could potentially cause collisions when planes are in autopilot by social engineering of IOT.
Jeopardising aircraft through TCAS spoofing (Pen Test Partners) The Traffic Alert & Collision Avoidance System or TCAS was first developed in the early 1980s using transponders on aircraft to interrogate other aircraft
LineageOS outage caused by hackers breaching main infrastructure (BleepingComputer) Administrators of LineageOS Android custom operating system were on high alert on Saturday after hackers breached their main infrastructure, causing a full outage.
Tesla Data Leak: Old Components With Personal Info Find Their Way On eBay (InsideEVs) If you want to upgrade the computers in your Tesla, know that the company may not erase your data from it, as white hat hacker GreenTheOnly discovered.
Live streaming adult site leaves 7 terabytes of private data exposed (SafetyDetectives) Our security research team, led by Anurag Sen, has discovered a significant data leak stretching into billions of records at adult live-streaming website CAM4.c
Hacker Bribed 'Roblox' Insider to Access User Data (Vice) The hacker was able to lookup information on high profile Roblox users as well as reset passwords and take other actions on accounts.
More Salt in their wounds: DigiCert hit as hackers wriggle through (patched) holes in buggy config tool (Register) Miscreants too busy mining for crypto to notice the gold lying around them?
Xen Orchestra latest victim of Salt cryptojackers (ComputerWeekly.com) More victims of cyber criminals exploiting two critical Salt vulnerabilities are coming forward
Blogging platform Ghost hacked through Salt vulnerability (ComputerWeekly.com) Publishing service’s network was taken over by illicit cryptominers after failing to patch a critical vulnerability.
Tarkett cyber-attack disrupts French flooring company’s operations (The Daily Swig) Company says normal service still not resumed, five days after the incident
York University falls victim to 'serious' cyber attack (CP24) York University was the victim of a “serious” cyber attack Friday evening, according to the school’s administrators.
ILOVEYOU: The Love Bug virus 20 years on – could it happen again? (Naked Security) If you weren’t using a computer 20 years ago, this is what people mean when they talk with dismay about ILOVEYOU or the Love Bug…
Academics turn PC power units into speakers to leak secrets from air-gapped systems (ZDNet) POWER-SUPPLaY technique uses "singing capacitor" phenomenon for data exfiltration.
OK, so you've air-gapped that PC. Cut the speakers. Covered the LEDs. Disconnected the monitor. Now, about the data-leaking power supply unit... (Register) I have no mouth, and I must scream
Hackers Breached Over 160,000 Nintendo Accounts and Misused Payment Information, the Company Admits (CPO Magazine) Nintendo has admitted to a data breach of 160,000 Nintendo accounts after users had repeatedly complained on social media of the payment information being misused to make purchases.
Vulnerability Summary for the Week of April 27, 2020 (CISA) The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Police Find Skimming Device On Foxon Road Gas Station Pump (East Haven, CT Patch) Police said they found a skimming device installed inside the credit card machine on a pump at the Foxon Road Citgo gas station.
Security Patches, Mitigations, and Software Updates
Microsoft Just Dealt A Blow To Google Chrome With These New Security Features (Forbes) Microsoft’s Edge browser is adding a bunch of new security features to take on Google Chrome and help you be more secure while working from home…
Galaxy S8 Drops From Monthly Security Patches to Quarterly (Droid Life) Right around the launch of the Galaxy S20, we pushed a touch of rare praise upon Samsung’s update support for its Galaxy line of phones. While everyone’s faux outrage was boiling over about the $1,000 S20 only seeing two years worth of Android version updates, we reminded you all that they were...
Cyber Trends
What to make of HBO’s ‘Kill Chain: The Cyber War on America’s Elections’ (Fifth Domain) Documentaries such as Kill Chain act as an educational tool for security researchers, political leaders and American citizens on the severity of election security threats. The more we understand these dangers, the better position we are in to prevent an attack
Consumers will opt for competitors after a single ransomware-related service disruption (Help Net Security) Consumers will abandon a product in favor of a competitor after a ransomware-related service disruption, failed transaction, or inaccessible information.
Marketplace
Accenture closes Symantec services acquisition (Channel Asia) Accenture has completed its acquisition of the Symantec cyber security services business from Broadcom.
IBM CEO Lays Out New Initiatives in Cloud, AI (Wall Street Journal) As he addresses the need for growth, Arvind Krishna must drive into the headwinds of a global economic crisis triggered by the coronavirus pandemic.
Identiq Summit Brings Together Global Brands for the First Time to Advance Customer Privacy, Safety and Trust Challenges (Yahoo) Identiq today announced a virtual summit, that for the first time, brought together 17 of the biggest names in payments, retail, ridesharing, online marketplaces, apartment-sharing, gaming and financial services - including Blackhawk Network, Eventbrite, Gett, Green Man Gaming, Intuit, PayU, Plastiq,
Here's What The New "Work From Home" ETF Will Look Like (ETF Focus) Direxion recently announced that it will launch a Work From Home ETF based on the new Solactive Remote Work Index.
Security services recruiting for new talent to fill vetting officer roles (Wales Online) MI5 says it wants people who display a natural curiosity, and are good with people to work as vetting officers at sites across the UK
Semperis Appoints Cybersecurity Veteran Sharon Vardi as Chief Operating Officer (BusinessWire) Semperis, the pioneer of identity-driven cyber resilience for enterprises, today announced the appointment of Sharon Vardi to the newly created role o
Products, Services, and Solutions
Proact launch new service for managed Office 365 backup (Cision) To help organisations secure and protect their important business data, Proact, Europe’s leading
Acquia releases Drupal 9 migration tools (SearchContentManagement) Drupal 9, still in beta, offers new security and usability features. Acquia releases tools for assessing migration from previous versions leading up to the June release.
Authentic8 Debuts Open Source Intelligence Academy for Researchers, Analysts (WashingtonExec) Authentic8 launched April 29 the Open Source Intelligence Academy, a new secure and remote integrated suite of resources and tools to augment training
K-12 Google Meet & Chat Monitoring and Reporting (ManagedMethods) ManagedMethods today announced the addition of Google Meet & Chat monitoring and reporting to its K-12 cybersecurity and student safety platform.
Zettaset Achieves Red Hat OpenShift Operator Certification to Support Advanced Encryption for Data at Rest in OpenShift Environments (BusinessWire) Zettaset has achieved Red Hat OpenShift Operator Certification to support advanced encryption for data at rest in OpenShift environments.
BigID Introduces New Privacy Portal To Help Enterprises Manage Consumer Data Rights and Privacy Preferences (BusinessWire) BigID, the leading data discovery and intelligence platform for privacy, protection and perspective of personal data, today announced their enterprise
Technologies, Techniques, and Standards
PREMIUM: US Army programme blends cyber with traditional EW (Shephard Media) Lockheed Martin is set to expand its work on the US Army’s Multi-Function Electronic Warfare Air Large (MFEW-AL) programme, with the aim of combining EW ...
How to prevent permission bloat: Overlooked and hidden access (Help Net Security) What preemptive measures can prevent an employee from acquiring too much access? This article offers actions that you can take to prevent permission bloat.
Ensuring the Pentagon follows ethics for artificial intelligence (C4ISRNET) By thinking hard about the Pentagon's new principles for artificial intelligence, the department and agencies can ensure those ethics are followed and that the next generation of AI technology is properly fielded.
Malware Analysis as a Prey Animal (Active Countermeasures) Intro The year is 1453 and you’ve been ordered by the king to protect the kingdom from the Great Northern Basilisk. You have […]
Threat Simulation - Client Signatures (TLS Signature) (Active Countermeasures) Intro This article is number 8 of 8 in a series on testing Threat Hunting software to make sure that it’s configured correctly […]
Design and Innovation
Industry 4.0: Cybersecurity for a redesigned manufacturing industry (PropertyCasualty360) The convergence of old systems and new connections has exposed new vulnerabilities in the 'Industry 4.0' digital manufacturing movement.
Firefox’s Private Relay service tests anonymous email alias feature (Naked Security) Mozilla says it will help you come up with alternative email addresses when you sign up for new accounts.
Legislation, Policy, and Regulation
Australia progressing work on agreed norms of responsible state behaviour in cyberspace (ZDNet) Department of Foreign Affairs and Trade is seeking to inform Australia's engagement on two United Nations processes regarding responsible state behaviour in cyberspace.
National Emergency as Trump Bans Foreign Power Grid Kit (Infosecurity Magazine) Executive order tackles threat from state-sponsored hackers
Trump administration pushing to rip global supply chains from China: officials (Reuters) The Trump administration is "turbocharging" an initiative to remove global industrial supply chains from China as it weighs new tariffs to punish Beijing for its handling of the coronavirus outbreak, according to officials familiar with U.S. planning.
An Assessment of Presidential Executive Order 13920 – Securing the United States Bulk-Power System (Control Global) I do not know what precipitated the issuance of the May 1st, 2020 Executive Order. However, this new Executive Order is long overdue, and addresses many longstanding concerns.
INSIGHT: Will This Year’s NDAA Have Cyber Surprises? (Bloomberg Law) Several recommendations from the Cyberspace Solarium Commission report have the possibility of being included in the National Defense Authorization Act. Wiley Rein LLP’s Megan Brown says that due to the implications of several of the report’s recommendations for the private sector, the report should be scrutinized.
Pentagon Chief Chides FCC on Ligado Wireless Deal as GPS Threat (Bloomberg) Esper questions testing that helped company win approval. Military says mobile network by Ligado could foul delicate GPS.
Uncle Sam to agencies: No encrypted DNS for you! (Naked Security) The US federal government has been protecting its users by blocking malicious destinations for years, but it won’t let them take advantage of the latest protective measure in DNS – encryption – jus…
CSIRO names Jon Whittle as Data61's new boss (ZDNet) Jon Whittle will be known as director instead of chief executive, which was the title Adrian Turner held until his departure last September.
Rep. John Ratcliffe, Trump’s pick for intelligence chief, faces grilling by Democrats in confirmation hearing Tuesday (Washington Post) The Senate is holding its first confirmation hearing in the middle of the coronavirus pandemic.
Watch: Senate Considers Intelligence Director Nomination Amid COVID-19 Disaster (NPR) The Senate Select Committee on Intelligence has convened an extraordinary hearing to fill the longstanding vacancy atop the U.S. spy world. Watch it here at 9:30 a.m. on Tuesday.
After nearly 2 years, Grassley lifts hold on counterintel chief nominee (POLITICO) Grassley initially blocked William Evanina’s nomination to head the National Counterintelligence and Security Center in June 2018.
Litigation, Investigation, and Law Enforcement
Did the State do it? The attribution of cyber attacks (Osservatorio Balcani e Caucaso) Whenever a website has issues, we immediately think of hackers – maybe Russians. But how do you understand when a State really is responsible for an attack, and how do you hold it accountable?
Hacker attack on the Bundestag: arrest warrant issued for Russian (Süddeutsche.de) Federal prosecutors have obtained an arrest warrant for a hacker who is alleged to have taken part in the 2015 attack on the Bundestag.
Germany issues arrest warrant for Russian suspect in parliament hack: newspaper (Reuters) German federal prosecutors issued an arrest warrant for an individual they suspected of hacking into the German parliament's computer systems in 2015 on behalf of Russia's GRU intelligence service, the Sueddeutsche Zeitung reported on Tuesday.
Republicans seek information on Chinese ties to US universities (TheHill) House Republicans are seeking information from the Education Department on China's ties to leading U.S.
W.Va. Woman Charged With Mishandling Classified Information (US News & World Report) Court papers show a West Virginia woman who had already been accused of kidnapping her daughter faces a new charge of retaining top-secret information from the National Security Agency in a storage unit she leased.
Assange's U.S. extradition case to resume in September, London court rules (Reuters) Hearings in the U.S. extradition case against WikiLeaks founder Julian Assange will resume in September after being postponed from later this month because of the coronavirus outbreak, a London court said on Monday.
NGA to release ESAS-II RFP at end of January (Intelligence Community News) On April 30, consistent with the Foreign Intelligence Surveillance Act of 1978 (FISA), as amended (codified in 50 U.S.C. § 1873(b)), and the Intelligence
E-sports Australia integrity boss eyes corruption threat in online games (The Business Times) Australia's newly appointed sports integrity boss has said he will work with the nation's e-sports industry in the fight against betting-related corruption after police revealed they had charged five men for match-fixing in online gaming.
Reveal the identities of alleged pirates, court tells ISP (Naked Security) It’s not the first ISP to be held accountable for alleged piracy: Cox is looking at a $1b damage order.
Apple Sued Corellium last Summer and the case is taking a Strange Twist involving Apple Photos that touch on 'National Security' (Patently Apple) In August 2019 Patently Apple posted a report titled "Apple Files a Copyright Infringement Lawsuit against Virtualization Software Company Corellium." Today we're learning that in the latest of the case’s twists, the DOJ has asked that Apple’s request for deposition of Corellium cofounder Chris Wade be delayed, but hasn’t openly stated why. The DOJ is interested in Apple's photo evidence ..